Cybercriminals have devised a new online scam that poses a serious threat to Gmail users. The scam, recently identified by the Malwarebytes team, targets unsuspecting individuals by tricking them into resetting their passwords under the guise of Google Support notifications.
The fraudulent scheme typically begins with a fake email purporting to be from Google Support, claiming unauthorized access attempts to the recipient’s account and prompting a password reset. In some cases, the email is followed by a phone call for added credibility.
The scammers aim to extract the security code sent by Google during the password reset process. Once obtained, they can gain unauthorized access to the victim’s account and pilfer sensitive personal information.
Malwarebytes explained the modus operandi of the scammers, stating that victims are lured into resetting their passwords by entrapping them into revealing their login credentials and security codes. This enables the scammers to hijack the victim’s account while pretending to assist in resetting the system.
Although the extent of the issue remains uncertain, reports from targeted Google users confirm recent encounters with this deceptive tactic. One victim recounted a scammer attempting to take control of their account during a call, emphasizing the fraudulent nature of the scheme.
To enhance the illusion of legitimacy, scammers may instruct victims to verify their phone number by calling back a specified number. However, as highlighted by a Reddit user, this tactic is a ruse as the number provided does not connect to any legitimate support service.
Google has issued a warning regarding these fraudulent activities, advising users not to disclose any sensitive information. The company clarified that it does not charge for account recovery services or provide phone-based support for Gmail-related issues.
If users receive any suspicious communication from Google requesting account resets, caution is advised as it is likely a scam. Stay vigilant and refrain from sharing personal data in response to such deceptive tactics.